1

私は GateIn ポータル ベースのアプリケーションを使用しており、オフライン フォーム (javascript を使用して送信された HTML フォーム) を送信しています。

フォーム送信を に POST していServletます。ユーザーがログインしているかどうかを確認します。Servletユーザーがログインしていない場合は、ユーザーをログイン ページにリダイレクトし、フォーム データを解析してセッションに保存し、ログイン ページを表示します。ログインページから、ユーザーは資格情報を入力して送信します。ログイン ポートレットでは、保存されたセッション データを使用できません

同じことがmozillaで機能しています。

Servletログインページへのリダイレクトが行われる場所から:

protected void doPost(HttpServletRequest aoRequest, HttpServletResponse aoResponse) throws ServletException, IOException
{
  MOLOGWRAPPER.info("SPEFormServiceServlet doPost start");
  Map<String, Object> loHMForm = null;
  String lsIsOffline = null;
  String lsServiceName = null;
  String lsApplicantId = null;
  lsIsOffline = (String) aoRequest.getParameter("Offline");
  String lsTimeStamp = null;
  long loTimeStamp;
  String lsContentPath = this.getServletConfig().getServletContext().getRealPath("");
  if (null != aoRequest.getParameter("formAction") && "fromLogin".equalsIgnoreCase(aoRequest.getParameter("formAction")))
  {
    loHMForm = (Map<String, Object>) aoRequest.getSession().getAttribute("OfflineData");
  }
  //MOLOGWRAPPER.info("LoHM after login in servlet "+loHMForm);
  String msUserId = null;
  if (null != aoRequest.getUserPrincipal())
    msUserId = aoRequest.getUserPrincipal().getName();
  HttpSession moSession = aoRequest.getSession();
  try
  {
    if (null != aoRequest.getParameter("serviceName"))
    {
      lsServiceName = aoRequest.getParameter("serviceName").trim();
    }
    lsApplicantId = aoRequest.getParameter("applicantId");
    // Getting unique time stamp for per user per service
    if (null != aoRequest.getParameter("timestamp"))
    {
      lsTimeStamp = aoRequest.getParameter("timestamp").trim();
      loTimeStamp = Long.parseLong(aoRequest.getParameter("timestamp"));
    } else
    {
      loTimeStamp = (new Date()).getTime();
      lsTimeStamp = String.valueOf(loTimeStamp);
      aoRequest.setAttribute("TMAttachment", lsTimeStamp);
    }
    if (null != lsIsOffline && lsIsOffline.equals("Y"))
    {
      if (null == msUserId)
      {
        try
        {
          MOLOGWRAPPER.info("SPEFormServiceServlet in logout block msUserId:" + msUserId);
          MOLOGWRAPPER.info("SPEFormServiceServlet in logout block SessionID:" + aoRequest.getSession().getId());
          aoRequest.logout();
        } catch (ServletException e)
        {
          e.printStackTrace();
        }
        aoRequest.getSession().setAttribute("OfflineData", loHMForm);
        aoRequest.setAttribute("OfflineData", loHMForm);
        aoResponse.sendRedirect(aoRequest.getScheme() + "://" + aoRequest.getServerName() + ":" + aoRequest.getServerPort() + "/portal/portal/Login?offlineFlag=y&FromForm=y&sp_serviceName=" + lsServiceName);
        return;
      }
    }
  } catch (Exception e)
  {

  }
}

ログイン ポートレット:

  • doView:
public void doView(RenderRequest aoRequest, RenderResponse aoResponse)
    throws PortletException, IOException
{

  RenderRequestImpl renderRequest = (RenderRequestImpl) aoRequest;
  HttpServletRequestWrapper httpReq = renderRequest.getRealRequest();
  String serviceName = httpReq.getParameter("sp_serviceName");
  aoRequest.setAttribute("sp_serviceName", serviceName);
  String offlineFlag = httpReq.getParameter("offlineFlag");
  aoRequest.setAttribute("sp_offlineFlag", offlineFlag);
  String fromFrom = httpReq.getParameter("FromForm");
  aoRequest.setAttribute("FromForm", fromFrom);

  PortletSession moSession = aoRequest.getPortletSession();

  if (null != httpReq.getParameter("FromForm") && "Y".equalsIgnoreCase(fromFrom))
  {
    moSession.setAttribute("OfflineData",
        httpReq.getSession().getAttribute("OfflineData"),
        PortletSession.APPLICATION_SCOPE);
  }

  lscsrfVal = RandomStringUtils.randomAlphanumeric(40);
  moSession.setAttribute("csrfVal", lscsrfVal);
  aoRequest.setAttribute("csrfVal", lscsrfVal);
  logger.info("lscsrfVal :: " + lscsrfVal);
  logger.info("moSession : Doview id :: " + moSession.getId());
}
  • processAction:
public void processAction(ActionRequest aoRequest, ActionResponse aoResponse)
    throws PortletException
{

  PortletSession moSession = aoRequest.getPortletSession();
  logger.info("moSession : Process Action id :: " + moSession.getId());
  logger.info("csrfVal == " + moSession.getAttribute("csrfVal"));
  HttpServletRequest req = Util.getPortalRequestContext().getRequest();
  HttpSession moHttpSession = req.getSession();
  moHttpSession.getAttribute("csrfVal");
  logger.info("moHttpSession : Process Action id :: " + moHttpSession.getId());
  logger.info("moHttpSession : Process Action OfflineData ::"
      + moHttpSession.getAttribute("OfflineData"));

  if (null != moSession.getAttribute("csrfVal")
      && null != aoRequest.getParameter("sp_csrf")
      && aoRequest.getParameter("sp_csrf").equals(moSession.getAttribute("csrfVal")))
  {
    logger.info("request is valid");
    moSession.removeAttribute("csrfVal");
  } else
  {
    moSession.setAttribute("csrfValErr", "true");
    logger.info("request is invalid :: Redirect to Login");
    return;
  }
}

ログ:

15:37:41,387 INFO  [com.abc.sp.action.SPEFormServiceServlet] (ajp-/127.0.0.1:8009-1) SPEFormServiceServlet in logout block msUserId:null
15:37:41,387 INFO  [com.abc.sp.action.SPEFormServiceServlet] (ajp-/127.0.0.1:8009-1) SPEFormServiceServlet in logout block SessionID:k4dIpdc1Dqiadh4ZMCGTQaeN

15:37:44,418 INFO  [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) SPUserActionPortlet : doView : start
15:37:45,287 INFO  [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) lscsrfVal :: PLlmfohMhtPBkO2Qt7HAQAMQsdaAg5qsEWCII8aP
15:37:45,287 INFO  [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) moSession : Doview id :: NC9VLsKmqKPuev2AA304RMTU
15:37:45,287 INFO  [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) SPUserActionPortlet : doView : end

15:38:07,471 INFO  [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) SPUserActionPortlet : processAction : Start
15:38:07,491 INFO  [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) moSession : Process Action id :: o8t09QtNv7-fpR0hcP7uXs1g
15:38:07,491 INFO  [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) csrfVal == null
15:38:07,491 INFO  [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) moHttpSession : Process Action id :: o8t09QtNv7-fpR0hcP7uXs1g
15:38:07,491 INFO  [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) moHttpSession : Process Action OfflineData :: null
15:38:07,491 INFO  [com.abc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-1) request is invalid :: Redirect to Login                

編集

HttpServletRequest を使用した doView メソッド httpReq=Util.getPortalRequestContext().getRequest();

public void doView(RenderRequest aoRequest, RenderResponse aoResponse)
            throws PortletException, IOException {
        HttpServletRequest httpReq=Util.getPortalRequestContext().getRequest();
        HttpSession moHttpSession =httpReq.getSession();
        String serviceName=httpReq.getParameter("sp_serviceName");
        aoRequest.setAttribute("sp_serviceName", serviceName);
        String offlineFlag=httpReq.getParameter("offlineFlag");
        aoRequest.setAttribute("sp_offlineFlag", offlineFlag);
        String fromFrom=httpReq.getParameter("FromForm");
        aoRequest.setAttribute("FromForm", fromFrom);
        PortletSession moSession = aoRequest.getPortletSession();
        if(null!=httpReq.getParameter("FromForm") && "Y".equalsIgnoreCase(fromFrom)){
            moSession.setAttribute("OfflineData", httpReq.getSession().getAttribute("OfflineData"), PortletSession.APPLICATION_SCOPE);
        }

        lscsrfVal =  RandomStringUtils.randomAlphanumeric(40);
        moSession.setAttribute("csrfVal",lscsrfVal);
        aoRequest.setAttribute("csrfVal",lscsrfVal);
        MOLOGWRAPPER.info("lscsrfVal :: "+lscsrfVal);
        MOLOGWRAPPER.info("moSession : Doview id :: "+moSession.getId());

    }

ログ: doView で:

11:56:05,636 INFO  [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-2) SPUserActionPortlet : doView : start
11:56:05,637 INFO  [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-2) lscsrfVal :: TsUGvRcevcuSeo4a7daqhl2bjU6lJf9Cg6MNLgYn
11:56:05,637 INFO  [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-2) moSession : Doview id :: 7jxf2nzyatjdxYgoMYYGHKyj
11:56:05,637 INFO  [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-2) SPUserActionPortlet : doView : end

ログ: 処理中アクション:

11:56:37,526 INFO  [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-5) moSession : Process Action id :: -r96FXye5MlDW+xsEjUgKbzV
11:56:37,527 INFO  [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-5) csrfVal == null
11:56:37,527 INFO  [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-5) moHttpSession : Process Action id :: -r96FXye5MlDW+xsEjUgKbzV
11:56:37,528 INFO  [com.acc.sp.action.SPUserActionPortlet] (ajp-/127.0.0.1:8009-5) moHttpSession : Process Action OfflineData :: null
4

1 に答える 1

0

ポートレットの仕様 (JSR-168 および JSR-286) には、ポートレットのライフサイクルが記載されており、次のようにフローする必要があります。

init -> processAction -> render -> destroy

このdoViewメソッドは、ポータル コンテナがレンダリング プロセス起動し、ポータルが表示モードのときに実行されます。したがって、このメソッドはprocessActionメソッドの後に呼び出されます。したがって、ホイールを逆にして、セッション属性をメソッド内processActionではなくメソッド内に設定してみてくださいdoView

于 2014-08-27T12:31:48.443 に答える